A mobile device, such as a smartphone, can be adapted for a multitude of uses because of its hardware array and software programmability. A single mobile device can interchangeably be used as a communication device, camera, secure payment device, audio recording device, gaming platform, navigation device, Internet browser, music player, flashlight, health monitor, calendaring tool, and email access device as some adaptations in use today. Each such adaptation is intended to consolidate and reduce the number of different devices and physical objects that people carry with them.
Physical keys and keycards remain in wide-spread use even though mobile devices have the requisite hardware and software to adapt for the very same purpose of authorizing access to a restricted resource. This particular adaptation of the mobile device is stalled because of several shortcomings in the prior art implementations.
Mobile devices can securely store access credentials or other tokens, and wirelessly transmit the access credentials or other tokens when in range of a reader or access control unit as do keycards. However, keycards provide a near instantaneous authorization that completes in a few hundred milliseconds, whereas current implementations with mobile devices can take several seconds to complete. These additional seconds have significant impact to the overall user experience.
The added delay is attributable in part to the additional actions that a user performs when using the mobile device in place of a keycard. The user first retrieves the mobile device, unlocks the mobile device, opens an authorization application, and initiates the authorization with a press, gesture, or other command. These steps are several times slower than retrieving a keycard and moving it in range of a reader.
Even if these physical actions by the user are eliminated by having the mobile device automatically initiate the access authorization, there is still delay in using the mobile device instead of a keycard. Authorizing access with a mobile device involves the mobile device detecting a wireless signal for communicably coupling to the reader or access control unit. This can be a Bluetooth discovery signal or a WiFi network service set identifier (SSID) as some examples. The mobile device then establishes a wireless connection to the reader or access control unit. The connection is typically secured with an additional handshaking exchange for encrypting messaging between the endpoints. Once the connection is secured, the mobile device can then pass the access credentials or token to initiate the access authorization. Keycards remove or simplify much of this initial connection establishment and security overhead. Performance from the mobile device therefore remains slower even with the mobile device automatically initiating access authorization on behalf of a user.
There is a greater issue of security that stems from having the mobile device automatically initiate the access authorization without user action when the mobile device detects a reader or access control unit. Specifically, there is no means of authorizing the user's intent to access the restricted resource before, during, or after access to the restricted resource has been authorized. For instance, the user may walk by a locked door with no intention of walking through the door. If the mobile device automatically initiates the access authorization, the door will be unlocked allowing another unauthorized party access through the door. Similarly, an authorized user may be with or around a group of unauthorized users. If the authorized user's mobile device automatically initiates the access authorization, any of the unauthorized users that are closer to the door can gain access before the authorized user.
Accordingly, there is a need to better adapt mobile devices for authorizing access to a restricted resource. More specifically, there is need to expedite completion of the access authorization without comprising security. There is a therefore a need to retain a step for authorizing the intent of a user to access a restricted resource without introducing delay that slows mobile device based access authorization relative to keycard based access authorization, wherein the intent authorization ensures that the user authorized for access is the user accessing the resource that is the target of the authorization.